This looks awesome, I&#39;m into it.<br><br><div class="gmail_quote">On Mon, Jun 22, 2009 at 8:38 PM, <span dir="ltr">&lt;<a href="mailto:unmarshal@gmail.com">unmarshal@gmail.com</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
So I&#39;m thinking there will definitely be an online component, There will definitely be slides, a mailing list, a common machine for everyone to log into to work on. The reason we will use a common machine is so I can control the libraries and compiler so we are all on equal footing, using the same offsets and memory addresses. There will be homework and misc challenges to reverse engineer and/or hack binaries I put up that exercise specific knowledge from the lesson. We can eventually turn this into a game and invite other people from the internet to participate in the hacking challenge. It would be setup like a game with each level requiring you to hack a binary in that directory, giving you permissions higher up in the chain... first guy to reach max permissions can touch a file bindWuzHere31337 or whatever ;). <br>
<br>I&#39;m very pleased there are people interested. I will work very hard to put together a coherent lesson plan and will help everyone move forward in their endeavors to hack the planet. My only weakness as a teacher in this situation is that I am out of the loop on the latest and greatest techniques. The good thing though is that the principles that are taught in this class remain relevant despite the extra hoops you now have to jump through these days.<br>
<br>This will be a lesson on hacking Linux systems on x86 processors. I am not super knowledgeable about windows hacking, although if this is a success, I will call up some friends who will be able to supplement. We can also perform a case study of Mac OSX as it is a ripe system for hacking despite a small remote attack surface. <br>
<br>We will also study vulnerability discovery methods such as source code auditing, closed source reverse engineering and fuzzing. We will also be going over x86 assembly for writing shellcode, debugging with gdb. You can write the actual exploits in any language you wish. I will take votes on what most people know. We could write them in C, Ruby or Python. I&#39;d prefer C.<br>
<br>I&#39;m very excited. Stay tuned for more details!<br><br>Also if you guys are interested in checking out some of my older exploits:<br><br><a href="http://unmarshal.github.com" target="_blank">http://unmarshal.github.com</a><br>
<br>I posted my good ones that got me pretty far back in the day ;)<br><br>I am slowly uploading all of my hacking tools circa 1998-2005. Most of them are simply relics, but they have some interesting stories behind them nonetheless.<br>
<br>-Marshall aka bind<div><div></div><div class="h5"><br><br><br>On Jun 22, 2009 7:11pm, Daniel Packer &lt;<a href="mailto:dp@danielpacker.org" target="_blank">dp@danielpacker.org</a>&gt; wrote:<br>&gt; I&#39;d be interested in participating in this remotely if possible.<br>
&gt; <br>&gt; Several weeks back I tried to organize this and have the names of<br>&gt; <br>&gt; several interested parties. If you search the archives you&#39;ll find a<br>&gt; <br>&gt; few folks who were even interested in offering tutorials(Dr. Jesus for<br>
&gt; <br>&gt; example).<br>&gt; <br>&gt; <br>&gt; <br>&gt; Great idea, wish you the best.<br>&gt; <br>&gt; <br>&gt; <br>&gt; -Daniel<br>&gt; <br>&gt; <br>&gt; <br>&gt; <br>&gt; <br>&gt; &gt;&gt; I&#39;m a bit rusty, but I am looking for a reason to jump back in to the<br>
&gt; <br>&gt; &gt;&gt; above mentioned topics. Would anyone be interested in attending a<br>&gt; <br>&gt; &gt;&gt; class about reverse engineering software on intel processors and/or<br>&gt; <br>&gt; &gt;&gt; identifying vulnerabilities in C code and exploitation techniques? I<br>
&gt; <br>&gt; &gt;&gt; spent a lot of time in the hacking scene and the computer security<br>&gt; <br>&gt; &gt;&gt; industry doing these things and burned out and left it for full time<br>&gt; <br>&gt; &gt;&gt; programming about 2 years ago. I would have no problem teaching an<br>
&gt; <br>&gt; &gt;&gt; introductory class on these topics. I will admit, I&#39;m not super hip<br>&gt; <br>&gt; &gt;&gt; on the latest in protection techniques that guard against these<br>&gt; <br>&gt; &gt;&gt; attacks, but I could teach the fundamentals while getting up to speed<br>
&gt; <br>&gt; &gt;&gt; on circumventing the protection techniques.<br>&gt; <br>&gt; &gt;&gt;<br>&gt; <br>&gt; _______________________________________________<br>&gt; <br>&gt; Noisebridge-discuss mailing list<br>&gt; <br>&gt; <a href="mailto:Noisebridge-discuss@lists.noisebridge.net" target="_blank">Noisebridge-discuss@lists.noisebridge.net</a><br>
&gt; <br>&gt; <a href="https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss" target="_blank">https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss</a><br>&gt;</div></div><br>_______________________________________________<br>